> The sender's SPF record includes the sending IP (40.107.96.128) in the > secureserver.net <http://secureserver.net> entry, and SPF_PASS is hit. >
Without even checking anything I can already remember that this secureserver.net is shit. I have blocked whole ranges of them, they send spam, try passwords etc. I have the impression that there is nothing secure about secureserver and everything seems to be hacked there. You will always have false positives, and probably even more in the future, there is going to be more and more networks trying to mix spam with legitimate email. For this you have to create some way to unmark / whitelist email addresses.
